White Paper
Business - IT Alignment
Operations Bridge
January 2000
Version 2.0
Table of Contents
INTRODUCTION ............................................................................................................................. 5 THE IMPORTANCE OF PROCESS TO IT ..................................................................................... 8 CONCERNING IT REENGINEERING ....................................................................................... 11 The Role of Process Owner .................................................................................................... 12 Transitions ................................................................................................................................. 13 THE IMPORTANCE OF PROCESS-ENABLING TECHNOLOGY ............................................... 15 SUPPORTING E-SERVICES THROUGH IT SERVICE MANAGEMENT (ITSM) ........................ 16 The Need for a Model ................................................................................................................ 17 THE HP IT SERVICE MANAGEMENT REFERENCE MODEL.................................................... 18 Benefits of the Model ................................................................................................................. 19 Model Content............................................................................................................................ 20 Five Process Groups ............................................................................................................. 20 THE ITSM REFERENCE MODEL PROCESSES ......................................................................... 22 Business-IT Alignment ............................................................................................................... 23 Business Assessment............................................................................................................ 23 Customer Management ......................................................................................................... 23 IT Strategy Development ....................................................................................................... 24 Service Design and Management.............................................................................................. 24 Service Planning .................................................................................................................... 24 Service Level Management ................................................................................................... 25 Security Management ............................................................................................................ 25 Availability Management ........................................................................................................ 26 Capacity Management ........................................................................................................... 26 Cost Management.................................................................................................................. 27 Service Development and Deployment ..................................................................................... 27 Build and Test ........................................................................................................................ 27 Release to Production............................................................................................................ 28 Operations Bridge ...................................................................................................................... 29 Operations Management ....................................................................................................... 29
Page 2 of 36 Copyright 2000 Hewlett-Packard Company. All rights reserved.
January 2000
Version 2.0
Incident Management ............................................................................................................ 29 Problem Management............................................................................................................ 30 Service Delivery Assurance....................................................................................................... 30 Change Management ............................................................................................................ 30 Configuration Management.................................................................................................... 31 SO WHERE DO YOU START?..................................................................................................... 32 Scenario 1: My Help Desk is Broken! ........................................................................................ 32 Scenario 2: My Customers are Asking Us to Write SLAs!......................................................... 32 Scenario 3: We Need Better Control of our Production Environment! ...................................... 33 The Bottom Line......................................................................................................................... 34
January 2000
Version 2.0
Table of Figures
FIGURE 1: THE RELATIONSHIP BETWEEN E-COMMERCE, E-BUSINESS AND E-SERVICES ........................ 5 FIGURE 2: REENGINEERING A BRIDGE BETWEEN PROCESS AND PEOPLE ........................................ 11 FIGURE 3: PROCESS MANAGEMENT CHARACTERISTICS ..................................................................... 11 FIGURE 4: NEW SKILL DEVELOPMENT AND ATTITUDE TRANSITION ...................................................... 13 FIGURE 5: THE ITSM REFERENCE MODEL PROCESS GROUPS........................................................... 20 FIGURE 6: THE REFERENCE MODEL PROCESSES .............................................................................. 22
January 2000
Version 2.0
Introduction
This white paper describes the HP IT Service Management Reference Model. This model is a significant tool proven to be useful in presenting and describing the many IT Management processes, inter-process relationships, and business linkages IT needs to put in place for the successful development, deployment and support of services in the e-world. As we enter the new millennium, corporate IT organizations are once again being forced to deal with another challenge: "e-everything" - brought about by the emergence of new technology, the pervasiveness of the Internet, and an ever-increasing competitive marketplace. E-commerce, e-business and e-services are already making fundamental changes to the way businesses are created and operated and to how we live and work. The following diagram shows the relationship between these three terms.
1 2 3
HOME
E-commerce
E-services
(The next E)
B B2
B2C
TRAVEL
B2 C
B2B
B2B
E-business
B2B
AUTO
BANKING
WIRELESS
Buying a home or car, shopping for books or groceries, managing your personal finances and trading stock, planning a trip or mapping your family genealogy, are activities that are done significantly differently today than just two years ago. Companies like eBay, Amazon.com, AutoMall.com, Charles Schwab, and Yahoo, represent just a few success stories of the companies that have been on the forefront of the e-services revolution. More and more companies are actively seeking ways to reach new markets and customers through e-business offerings. International Data Corporation (IDC) predicts that by 2002,
1 E-commerce is a term that refers to the buying and selling of goods and services over the Internet both business-tobusiness (B2B) and business-to-consumer (B2C) transactions. 2 E-business ("electronic business," derived from such terms as "e-mail" and "e-commerce") embraces e-commerce, but also includes Internet-based communications and Web-enabled business processes. 3 An e-service is a service or resource available on the Internet that conducts a transaction, completes a task, or solves a problem -- and can be used by people, businesses and things (such as our cars, our homes, manufacturing lines, anything with a microchip in it). E-services are easily understood from the end-customer viewpoint i.e., buying a car online, trading stock online, arranging a trip online, etc. But e-services can also refer to IT resources offered via the Net such as storage, MIPS on demand, enterprise applications, etc. Note that e-commerce and e-business were essential foundations required before e-services could be used successfully. Page 5 of 36
January 2000
Version 2.0
e-commerce is expected to be worth $223 billion and Western Europe will have 63 million people accessing the Internet. Goldman Sachs predicts a 40-50% rise in online brokering and 4 an increase of 35-40% in online banking in this same time period. But both IT and business organizations are quickly learning that entering the world of e-services is not without a price. Familiar IT challenges such as unstable infrastructures, the reeducation of personnel, continuous hardware upgrades, server consolidation projects, organizational 5 reengineering efforts, and steady cost pressure are being made all the more acute by the additional pressures of e-commerce upon IT. Pressures to refocus IT energies and resources on delivering competitive quality services are forcing IT organizations to closely track customer satisfaction and begin serious implementations of process management techniques and tools. The drive to deliver end-to-end everything is putting IT in the position of having to continually reinvent itself and the services IT delivers. Consider the rapid evolution of e-services currently being experienced. The Internet used to be a vast uncharted sea populated by a variety of stand-alone web sites or "cyber-islands," offering individual, non-integrated e-services. This forced us customers to manually traverse the Internet, laboriously seeking the things we needed, often from several different web sites, as when planning a vacation, for instance. Flights and vehicles had to be reserved, hotels booked, tours arranged, etc. To accomplish almost anything that was Internet-related meant you really had to work the web. Soon, web "portals" started popping up around the Internet to address this issue and enhance our Internet experience, providing us seekers with one-stop "shopping," quite literally. Customers only have to visit a single portal to make their reservations, check the weather, plan their tours, etc. But even now, most portals still don't integrate many of the "behind the scenes" e-services we are presented with (e.g., your flight reservation, your rental car, your hotel, etc.). This means again, more labor as changes to one aspect of an itinerary (e.g., a cancelled flight) means manually changing other aspects of the planned trip (e.g., canceling the car, changing hotel room reservation, etc.). Now, integrated e-services portals, sometimes referred to as "enterprise portals," are making an appearance on the Net. Such advanced portals (e.g., www.expedia.com) provide the necessary communications between multiple e-services that was previously lacking. Therefore, continuing this example, if a flight gets cancelled, our other arrangements (such as rental car pickup time, restaurant reservation time, etc.) can be adjusted quite easily. But today's enterprise portals will transition again into tomorrow's e-services brokers. Customers will simply make an initial request (qualified by various parameters) via voice, email, the web, etc., to an e-services broker application that will then act upon that request, seeking the very best e-service offerings for the requestor. This will be a world where e-services will no longer be static, but rather created and customized to individual preferences, on the spur of the moment. While such a concept can cause potential customers to stand and cheer, it can also cause IT managers to take a seat while they catch their breath. For, as anyone experienced with IT can tell you, if the world is going to get easier for end-customers, it is going to get more complicated for IT. Indeed, the pressure that is being placed on IT organizations today is in direct proportion to the increased value businesses expect to receive from their IT departments as companies take their "leap of faith" into the world of e-services. If your company is planning to compete in the world of e-business then your IT organization had better get prepared, because e-services are all inherently mission critical. In fact, e-services implies "mission critical everything," and "end-to-end everywhere."
M2 Communications PRESSWIRE report, "SAFETYNET GROUP: World's first e-commerce business continuity solution launched by Safetynet," 10/04/1999. 5 Ibid. Small and medium enterprises (SMEs) are expected to experience a threefold increase in IT spending, again by 2002. Page 6 of 36 Copyright 2000 Hewlett-Packard Company. All rights reserved.
January 2000
Version 2.0
If IT organizations are to have any hope of meeting the new information demands of the e-services revolution, they are going to have to move away from the traditional utility management of things, to the management of services. This is essentially what Hewlett-Packard's IT Service Management Reference Model was designed to address. As IT organizations struggle to refocus their efforts on service management instead of technology management, and on customers instead of users, an integration of process, people, and technology - the three critical elements required to provide and manage quality services - is of the utmost importance.
January 2000
Version 2.0
January 2000
Version 2.0
level of service being provided." Dataquest reports that about a third of the 37 million U.S. households with Internet access have experienced ordering problems, and e9 BuyersGuide.com says that one in 10 orders could not be filled for online shoppers. Ecommerce customers need to know and feel confident that every time they use an online service, they will always get the same positive results. the linkages between IT processes (e.g., Build & Test and Release to Production) are undefined, or worse, non-existent, thereby causing further delays to already tight production schedules, missed customer commitments, and loss of revenue. One effect that e-commerce is having on the world today is that it is producing an overwhelming sense of "immediacy" in customers. People expect that when they click on their mouse and select a service (e.g., buying a mortgage, a car, or insurance, etc.), they will get what they want - now. In the case of some online software purchases, the transaction completes with the software being downloaded to their PC immediately. In others, products need to be mailed. But in any case, customers expect a rapid response to their transaction. After all that's one reason they use the Internet to conduct business - because it's faster than leaving the house in search of some service or product, even faster than using the phone to order something. If an e-business has problems producing their products or moving them into the delivery chain quickly, customers will take their business to some other Web site. In a study of over 400 online consumers, 13 percent stated that they would NOT go back to at least one web site they have already 10 used. the staff whose job it is to perform a process (e.g., Helpdesk or Problem Management) have unclear roles and responsibilities and are not measured on performing the process, thus leading to accountability failures when things go wrong, and complicated finger-pointing when trying to fix a broken service. People and technologies are far from perfect. Service outages are going to occur. They are an unfortunate fact of business life. Given this fact, every effort needs to be taken to ensure that when they do occur services can be restored as quickly as possible. Behind the scene operations are critical when service interruptions are experienced, as everyone involved in service delivery and support must go into action and perform their jobs - without confusion - and without delay. Whereas providing good services has always been a challenge, for businesses that rely mostly or completely on e-commerce, 11 it can be the difference between success and Chapter 11 as major e-businesses 12 "stand to lose hundreds of thousands of dollars for every hour their web site is down." The situations and corresponding results cited above are all examples of what can happen when your IT organization is having a process "problem." And if they appear familiar, or remind you of recent experiences, then you should have serious reservations about venturing into the development and support of an e-service, because business success is going to be very difficult to achieve until these problems are addressed. The IT processes supporting your e-services must be identified, well defined, documented, and communicated to all affected personnel. Further, your processes must be measurable. Remember - if your IT processes are not being measured, they can't be improved! Measuring a well-defined process, including its inputs and outputs, will provide your organization with the ability to predict process performance over time. This capability is both basic and integral to any actual continuous process improvement effort.
Reuters English News Service, "USA: NetTrends - The threat to online shopping services," 09/07/1999. Ibid. Ibid. 11 A common legal term for bankruptcy. 12 Business Wire, "Unexpected Downtime Can Mean 'Chapter 11' to Companies Whose Core Business is Commerce Over the Internet, According to Cahners In-Stat Group," 09/15/1999. Page 9 of 36
9 10 8
January 2000
Version 2.0
With proper metrics, IT can gauge process performance and make any required adjustments to a process proactively - before service failure (indicated by trend analysis) - instead of reactively, when an e-business opportunity may have already been lost. It is important to remember also that no process stands alone. This means that defining and measuring any individual process must be done in the context of the greater whole; that is, by understanding and defining the interrelationships and dependencies between the target process and other related processes in the IT environment. Unclear or undefined process relationships can lead to false hopes and/or frustration when the process you just "fixed" leads to breakdowns in other related processes -- not unlike plugging a hole in a dike, only to find a new leak somewhere else.
January 2000
Version 2.0
Concerning IT Reengineering
Any attempt to implement new IT processes without addressing the implications these processes will have on people is going to end in failure. Too often, companies seek to take advantage of new processes and tools, yet refuse to consider any changes to the way the IT organization is structured, the new roles that need to be implemented, etc. What is wrong with this approach? Why do these same businesses soon find themselves wondering why their efforts failed? Essentially these companies have not yet grasped the fact that designing and implementing new IT processes is true process reengineering. Process reengineering is the essential bridge that connects people to process.
The reason: process reengineering implies Process Management Process Management is the integration of people, information, tools, and procedural structures (i.e., the steps that define how work gets done) to ensure conformance to performance and quality objectives in an economical manner (i.e., that processes meet customer and business needs). When process management has been applied to one or more target processes, they should exhibit the following characteristics:
1. Process Ownership Assigned accountability 2. Process Measurement Measurable conformance to user requirements 3. Process Control Assurance that outputs meet specifications 4. Process Optimization Increased productivity and efficiency 5. Continuous Process Improvement Defect removed defect cause removed
Note that none of these characteristics (see Figure 3 above) are possible without somehow affecting the people in your organization and the way they do their jobs. After all, the bestPage 11 of 36 Copyright 2000 Hewlett-Packard Company. All rights reserved.
January 2000
Version 2.0
designed processes in the world (the hopeful result of #6 above) arent worth the paper they are written on without people to perform the work defined by the design. Implementing characteristic #1 (above) can have a dramatic and immediate impact on your organization because it has a direct effect on your organizational structure. How? Well, one of the first tasks to accomplish after identifying the processes performed by your organization is to assign the role of process owner to those processes. And for most companies, this is a new role that needs to be clearly defined and understood.
January 2000
Version 2.0
There are of course, other process roles that need to be considered when implementing new processes, each of which must be reviewed for possible impact to the organization and implementation risks, benefits, and consequences. Again, many companies defer such role considerations or completely disavow them, thinking that they can still reap process benefits without affecting their organizational structure. But to do this is to invite failure. How new roles are implemented will vary from company to company, as corporate cultures and organizational structures can be quite different. In larger companies with more complex organizational structures, Process Owners are typically assigned one (and only one) to a process and may delegate the responsibility of managing continuous process improvement to people whose job it is to manage quality. Often some kind of Quality entity within IT exists in such companies, staffed with specialists. But in smaller companies, Process Owners may have to be responsible for more than one process and also assume the task of leading continuous process improvement efforts. These and other important decisions will be required by organizations to identify new roles, responsibilities, job definitions and lines of reporting, and it is natural that people are going to resist changes to the way they have been doing their work. People who are reluctant to change may need the occasional "guidance" that can only come from strong internal sponsorship, where upper-level management is not just aware of the effort, but actively engaged. Anyone who has ever been involved with either improving or designing/implementing new processes knows what happens when the appropriate sponsorship is missing. The so-called "Information Highway" is littered with the remains of such efforts. Attempting to introduce new or significantly improved IT processes without addressing the new roles, responsibilities, metrics, and job descriptions required to perform the new processes can lead to dismal process performance, frustrated staff, and potential failure. This is often what happens when IT process design/implementation is treated as just another project, rather than what it really is - a reengineering effort.
Transitions
Characteristics #2 - #5 above (see Figure 3) have further implications for organizations. Many of the IT processes currently in place in companies throughout the world are measured poorly or not measured at all for performance; dont have clearly defined output specifications; arent reviewed for optimization; and werent designed for continuous process improvement. This means that for many organizations attempting to implement process management, these are going to be new activities for people, and may require new technologies to assist in these efforts. As a result, current skills and capabilities will have to be assessed and reviewed, and training plans will have to be generated to address all new requirements. Some others transitions IT will experience affect not only skills, but also the following attitudes:
From
Users Inward Looking Technology Focus Ad Hod Processes Best Efforts Entirely In-House Fragmented, Silos Reactive Operations Manager System Skills
To
Customer Outward Looking Process Focus Rationalized, Streamlined Processes Measured, Accountable Processes Balanced In/Outsourcing Integrated, End-to-End Proactive Service Management Listening Skill
January 2000
Version 2.0
Essentially, (refer to Figure 4 above) in order to become more customer-focused and serviceoriented, IT organizations need to: Stop viewing the consumers of their services as users, and start viewing them as customers. Temper their traditional inward perspective and start looking outward. Expand their focus on technology (things) to include a focus on process (service solutions) Move away from isolated ad hoc processes and start developing business-justified, streamlined IT processes. Stop attempting to address customer service requirements with best-effort process improvements and start implementing measurable, accountable IT processes. Expand their work efforts, which have historically been centered on in-house solution developments, to include a cost-justified balance between insourcing and outsourcing. Develop and implement integrated, end-to-end IT processes and discard any fragmented processes, thus avoiding process silos. Utilize the new process improvements to change the reactive IT organization to one that is proactive. Define and develop new service-oriented roles and responsibilities. Embellish the traditional IT system skills with new customer-focused skills, by learning to listen to the customer.
January 2000
Version 2.0
January 2000
Version 2.0
January 2000
Version 2.0
This means that underlying IT services, just like the e-services they support, have to be carefully planned, deployed, and maintained. Changes to the production IT environment must be carefully monitored and controlled, service-related assets must be tracked, incidents handled quickly, service level commitments must be met, potential service outages addressed before they happen, computer operations must continue uninterrupted, etc. The bottom line is that if IT doesn't have its own service "act" together, delivering successful e-services to customers just isn't going to happen. And herein lies a dangerous trap. For with the entire industry in an uproar as everyone starts marching to the e-services drumbeat, it will be easier than ever for corporations to forget their basic support requirements (e.g., stabilizing their infrastructure, implementing process management, etc.) in all the excitement around developing an e-business - at a time when those basic support requirements are going to be more important then ever before. IT organizations need to be vigilant and continue asking themselves: "What do we need to have in place in order to support our business objectives?" Answering this question serves to reemphasize the continuing importance of some of the major challenges facing IT organizations today, as IT strives to identify: what IT processes are required to deliver quality IT services what interprocess relationships and business linkages are required to deliver quality IT services what appropriate technologies are available that are process-enabling and provide tight process integration what IT organizational structure will allow the efficient delivery of customer services But answering questions as to what IT needs begs other questions regarding how and where. For example: Knowing how to design and implement IT processes that enable quality IT service delivery and support to customers Knowing how to implement process-enabling technologies quickly and cost-effectively Knowing how to identify which IT functions to insource and which (if any) to consider for selective outsourcing Knowing where to start Knowing when you should start planning for IT Service Management is perhaps the easiest question to answer - you should have started yesterday!
January 2000
Version 2.0
January 2000
Version 2.0
January 2000
Version 2.0
Translate IT strategy into planned IT services Create detailed service design specifications Define and manage service levels within cost constraints (and service budget) via SLAs Provide security for infrastructure and data Service Design & Management
Business - IT Alignment
The processes contained in this group are focused on running IT "as a business. The activities performed by these processes determine service market potential; seek and achieve a common understanding between IT and its customers regarding business needs and IT capabilities; and
Page 20 of 36 Copyright 2000 Hewlett-Packard Company. All rights reserved.
January 2000
Version 2.0
in the end, formulate an IT strategy that will optimize IT added-value. These processes are therefore quite strategic in nature.
Operations Bridge
Similar to the nautical concept of a "bridge" on a ship, the processes in this group work together to provide the required command, control, and support of the IT environment. These processes also manage customer satisfaction. Focused on service delivery, they enable the on-going running, monitoring, and maintenance of the IT enterprise environment.
January 2000
Version 2.0
Business Assessment
IT Strategy Development
Release to Production
Capacity Management
Cost Management
13 Note that Hewlett-Packard Consulting has developed detailed process design guides for each of the processes in the model. These guides are an example of some of the structured intellectual capital available for use during HP consulting engagements. Please contact your Hewlett-Packard sales representative for further information. Page 22 of 36
January 2000
Version 2.0
Customer Management
The Customer Management process enables IT to function as a business partner with its customers. Performing this process allows IT to anticipate new customer requirements, communicate service value to the customer, measure customer satisfaction, and engage in joint problem solving efforts. The Business Assessment process, when doing competitive and market analyses, can utilize much of the customer information gained as a result of this process, while the findings of both the Business Assessment and Customer Management processes provide much of the substance that fuels the IT Strategy Development process. Process Delivery Activities Develop marketing communications Maintain proposal boilerplates Sell IT services Manage customer relationship Survey customers Identify service opportunities Conduct executive briefings Perform new customer introduction Quality Control Activities Establish liaison procedures Establish customer introduction procedures Develop management reports Perform continuous process improvement
January 2000
Version 2.0
IT Strategy Development
This process enables IT to derive and establish the overall value proposition for the IT services organization by consolidating the market segment value statements discovered by the Business Assessment process. It aligns customer business planning with IT business planning, helps IT articulate a broad plan for achieving its goals and objectives, and enables IT to act decisively. Utilizing much of the information developed by the Business Assessment and Customer Management processes, this process translates customer business requirements into a coherent IT strategy. This strategy should include a well-defined IT architecture and relevant organizational models. IT Strategy Development, Business Assessment and Customer Management (i.e., the Business IT Alignment processes) will all be required to interact in order to derive a sound IT strategy. Together, these processes will output the business cases and requirements that will be consumed as inputs by the Service Planning process. Process Delivery Activities Determine IT budget Perform strategic analysis Define and document the IT vision Develop the IT mission statement Identify breakthrough objectives Identify key critical success factors, obstacles, and constraints Select service solutions for IT provisioning Identify enabling technologies Define the IT architecture Quality Control Activities Establish IT business planning and control procedures Define IT business rules Determine the IT organizational structure Establish IT policies, standards, guidelines and procedures Determine service selection prioritization procedures and criteria Develop implementation control procedures Develop management reports Perform continuous process improvement
January 2000
Version 2.0
Develop strategic alliances Evaluate portfolio impacts Keep service current Manage service value Obsolete service Quality Control Activities Develop service specification standards Develop management reports Perform continuous process improvement
Security Management
The Security Management process enables IT to define, track and control the security of corporate information and services. This process accounts for the implementation, control and maintenance of the total security infrastructure. All services (current, newly developed and planned) must adhere to strict corporate standards pertaining to information security. In this day and age of e-commerce, data security is of the greatest importance. Process Delivery Activities Enforce corporate security policy (as it pertains to IT) Promote security awareness within IT Conduct security gap analyses Conduct security risk assessments Perform security audits Evaluate security incidents Assist with the resolving security issues found within other IT processes
Page 25 of 36 Copyright 2000 Hewlett-Packard Company. All rights reserved.
January 2000
Version 2.0
Establish supplier relationships (related to security) Quality Control Activities Establish security procedures (includes virus control) Select security systems and/or tools Develop management reports Perform continuous process improvement
Availability Management
The Availability Management process allows IT to define, track, and control service availability to its customers and manage supplier contributions to overall service availability. It should be noted that considerations like system availability and network availability are vital components enabling service availability. Service plans (i.e., specifications) generated by Service Planning are reviewed and analyzed as a result of the Availability Management process and modified if needed to reflect service availability requirements. Service level agreements (SLAs) must contain a negotiated understanding of predicted service usage, how the service will be delivered in the event of a disaster (e.g., off-site computing, emergency response, etc.), what types of service contingencies IT has prepared for (e.g., on-site inventory of spare parts, etc.). The Availability Management process will deliver this important information to Service Level Management for SLA development. Process Delivery Activities Determine reliability and serviceability requirements Determine contingency requirements Analyze service availability risks Conduct gap analysis (availability) Develop buy vs. build recommendations (availability) Develop buy and build specifications (availability) Establish supplier relationships Analyze service availability performance Propose service improvements (availability) Conduct supplier review Rehearse and review contingency plan Quality Control Activities Establish supplier procedures Establish contingency plan standards Develop management reports Perform continuous process improvements
Capacity Management
This process enables IT to define, track, and control service capacities to ensure service workloads are ready to meet the demands of customers at agreed-upon performance levels. It should be noted that considerations like system capacity and network capacity are vital components enabling overall service capacity. Service capacity information is also critical to successful new services and service level agreements; therefore this process interacts with the Service Planning and Service Level Management in a way similar to Availability Management. Process Delivery Activities Inventory service resources Characterize service workloads and demands Configure service capacity profile Determine service capacity requirements
Page 26 of 36 Copyright 2000 Hewlett-Packard Company. All rights reserved.
January 2000
Version 2.0
Conduct gap analysis (service capacity) Develop buy vs. build recommendations (service capacity) Develop buy and build specifications (service capacity) Analyze workload performance Propose service improvements (capacity) Manage service demand Quality Control Activities Establish a service capacity planning system Establish service capacity planning benchmarks Develop management reports Perform continuous process improvement
Cost Management
The Cost Management process enables IT to define IT cost and charging allocation structures that support service budgets and ensure cost recovery. This process includes tracking and controlling actual costs by service and by customer. It also includes charging customers for service delivery. It will be important for each IT process to track the costs accrued and pass this information to Cost Management. In turn, Cost Management will be required to interact with the Business-IT Alignment processes for budgeting purposes, and with Service Planning and Service Level Management for service pricing estimates. Process Delivery Activities Calculate expected service cost Analyze projected revenues Develop service budget Analyze service usage and cost Propose service improvements (cost) Calculate invoice and bill customer Receive payment Track financial assets Calculate total cost of ownership Quality Control Activities Establish cost and charging allocation structures Promote cost-effective service usage Establish cost management system Establish investment appraisal guidelines Develop management reports Perform continuous process improvements
January 2000
Version 2.0
Production processes, among others. (Note that an important part of this process is testing for adherence to security policies and guidelines.) Process Delivery Activities Acquire service components Develop application provision guidelines Develop applications Certify hardware/software Construct service support and control mechanisms Develop test plan and procedures Perform prototype test setup Perform prototype test Perform unit test setup Perform unit test Perform pilot test setup Perform pilot test Document recovery procedures Develop support procedures Develop training design and plan Develop training materials Develop "master blueprint" (i.e., production plan) Quality Control Activities Develop management reports Perform continuous process improvement
Release to Production
Performing the Release to Production process enables IT to create one or more production copies of a new or updated component, service function, or end-to-end service for a specific customer, based on a detailed production plan referred to here as a "master blueprint." Required components are procured and the production copy is staged, implemented in the production environment, tested, and activated for customer use (this means it is ready for billing). The Release to Production process interacts with the Build & Test, Change Management, and Configuration Management processes, as well as other processes in the model. Process Delivery Activities Procure resources Conduct IT staff and supplier training Assemble components Distribute components Implement service support and control mechanisms Implement component, service function, or end-to-end service Perform software administration Conduct customer training Establish production test scenarios Perform production test Perform customer acceptance test setup Perform customer acceptance test Activate service Quality Control Activities Develop management reports Perform continuous process improvement
Page 28 of 36 Copyright 2000 Hewlett-Packard Company. All rights reserved.
January 2000
Version 2.0
Incident Management
Purely reactive in nature, this process, often simply called Help Desk or Service Desk, is focused on quickly restoring service availability by handling incidents occurring in the infrastructure or reported by customers and seeks to minimize service disruptions. This process manages the day-to-day support interface between customers and service providers, and as such is critical to successfully managing customer satisfaction. Call management and efficient first, second and third-level support are encompassed in this process. Again, Change and Configuration Management interact heavily with this process. Process Delivery Activities Accept calls Log incidents Categorize incidents Prioritize incidents Isolate incidents Escalate incidents (within the process and/or to management) Track incident progress Resolve incidents Notify customers Close incidents
Page 29 of 36 Copyright 2000 Hewlett-Packard Company. All rights reserved.
January 2000
Version 2.0
Quality Control Activities Establish Help Desk structure Establish incident control system Develop management reports Perform continuous process improvement
Problem Management
Purely proactive in nature, this process is focused on reducing the number of incidents occurring in the production environment by addressing the root causes of failures (based on closed incidents). It also includes on-going trend analysis and known error control, concerned with ensuring that long-term solutions addressing root causes are implemented. This process is closely tied to Incident Management, as it operates in part on the closed incidents generated by the Helpdesk, as well as informing other processes about potential problems with the infrastructure. Process Delivery Activities Analyze incident trends Log problem Identify root cause Track problem progress Verify known errors Control known errors Resolve problems Close problems/known errors Quality Control Activities Establish problem/known error control system Setup and maintain support contacts Establish preventive maintenance procedures Establish known error verification facilities Establish supplier support interfaces Develop management reports Perform continuous process improvement
January 2000
Version 2.0
Quality Control Activities Establish RFC submittal process Define change category and priority schemes Establish change "project" management process Establish change advisory board Conduct post-change review (retrospective) Develop management reports Perform continuous process improvement
Configuration Management
This IT process centrally registers and controls information about the infrastructure, such as configuration item (CI) attributes (e.g., identifying system and network hardware, production software, people (staff), documentation, etc.), CI status (e.g., in stock, in repair, in production, etc.), and their relationships (e.g., This user has PC A on her desk, printers B, C, and D 14 available for use, is covered by Online Shopping SLA 10.1, etc.). Note that upon first glance it is easy to mistake this process for standard asset management. This is wrong. The Configuration Management process is distinct from corporate asset management in that it is focused entirely on the IT infrastructure and allows interrogation of infrastructure data based on relationships. Any other IT process that will be affecting the infrastructure will be interacting with this process. Process Delivery Activities Maintain CIs Conduct control and status accounting Report CMDB data Verify integrity of CMDB data Quality Control Activities Load initial CMDB data Establish configuration management system Develop CI control policies Develop management reports Perform continuous process improvement
14
Configuration data are typically stored in a Configuration Management database (CMDB). Page 31 of 36
January 2000
Version 2.0
January 2000
Version 2.0
Add to this the facts (discussed earlier) regarding the necessary robust infrastructure, tools, etc., that are required to deliver quality services, and it becomes obvious why IT managers cant make serious commitments to their customers about service. Yet, still they are on the hook, so to speak, to write service level agreements (SLAs) and make guarantees. This is a difficult situation to say the least. The Reference Model helps IT organizations understand what is required to be both customer and service-oriented. It describes the relationships between Service Level Management (the process which results in signed SLAs) and other IT processes in the model, identifies the necessary business and process linkages, and provides a totally integrated view of overall service quality. Again, this process, like all of the other processes in the Reference Model, is further detailed in process design guides used by Hewlett-Packard Consulting.
January 2000
Version 2.0
used to further explain the necessary information exchanges and integrations that must occur between these two processes and every other process in the model.
Acknowledgements The development of the Hewlett-Packard IT Service Management Reference Model was an aggressive team effort, involving many people from different HP entities and countries during the project, too many to mention each and every one here. Yet, certain contributors provided such value that they must be mentioned by name. It is with great pride that I call them my peers. Special thanks to: Yvonne Bentley and Dorene Matney. Additional key contributors were: Bert Van Barneveld, Paul Ham, Colin Henderson, Peter Kane, Joe Kouba, Karen Klukiewicz, Paul Miller, Jens Ritter, Jeff Swann, Mark Taguma, Ron Tarver, Georg Bock, Tjerk Feenstra, Karl Tomlinson, Steve Lochner, Monica Hasegawa, Steve Helper, Christian de Ryss, Larry Hicks, Masashi Fujita, Gavin Runnalls, Arjan Middendorp, Onno Van Kooten, and Erik Laboulbenne. I am also especially grateful for the assistance given to me by Brad Wasson, Tjerk Feenstra, Paul Miller, and Hans Linschooten in the development of this version of the white paper. Jeff Drake Hewlett-Packard Consulting
Technical information in this document is subject to change without notice. Copyright Hewlett-Packard Company 2000. All rights reserved. Reproduction, adaptation, or translation without prior written permission is prohibited, except as allowed under the copyright laws.